Flyspray - The bug killer!

This is the Bug Tracking System for the Flyspray project. This is not a demo!

2019-04-22: Flyspray 1.0-rc9 released See https://github.com/Flyspray/flyspray/releases

ID Category Task Type  asc Severity Summary Status Progress Assigned To Due In Version Opened Last Edited
2568DocumentationBug ReportMedium[MANUAL] a missing image in "Understanding Permissions:...Unconfirmed
0%
101.09.201902.09.2019 Task Description

In the page http://www.flyspray.org/manual/group_permissions/ , it is written

Shown is an image of the permissions page for the Flyspray project’s Contributors group

but there is no image in there.

I can think of two ways of dealing with that I guess:

  1. add an image
  2. remove the sentence

What do you think?

2560Backend/CoreBug ReportLowdo not allow close task with reason duplicate referenci...New
0%
peterdd29.07.201929.07.2019 Task Description

So closing a task

FS#1

with

reason: duplicate

and close comment

FS#1

referencing to self should be detected to avoid such user mistakes.

2559Backend/CoreBug ReportLowa duplicate close accepted even when missing comment/ r...New
0%
peterdd29.07.201929.07.2019 Task Description

Closing a task with selected close reason duplicate should warn when there is no comment or FS # id is given in the close comment text field.

The task is closed as duplicate without any further notice. The information to which task it is duplicate or a description (if the problem is logged/handled outside Flyspray) is lost.

Possible solutions

Frontend hints

  • variant F1 (soft): When duplicate as close reason is selected, a placeholder attribute in the close comment text field could be shown/updated. (maybe as ‘css only’ possible)
  • variant F2 (harder): Deny sending the form if duplicate selected, but comment text field is empty. and shows warning info. (javascript required, nojs browsers still send form.)
  • variant F3 (hard): Deny sending the form if duplicate selected and no task id detected in comment text field. and shows warning info. (javascript required)

Backend deny

  • variant B1 (soft): When request wants close a task with duplicate reason and (cleaned) comment string is empty, deny closing the task and give feedback to user why it was denied.
  • variant B2 (hard): It requires detecting a task id in the comment field and the first detected task id is taken for referencing as ‘is duplicate of’. Limitation of this is that the duplicate could be also a ticket or something of a complete other system.
2552EmailBug ReportHighEmail TLS error (was 'Mail Adress encryption')Unconfirmed
0%
130.05.201931.05.2019 Task Description

Official release

Steps done to create the problem:
Insert correct (tested with gmail) data into the notification tab and click on “Test”

SSL and TLS are checked.

Expected behavior:
Send test email and confirm it.

Experienced behavior:
Following error message

Error message:
Warning: stream_socket_enable_crypto(): Peer certificate CN=`*.netcup.net’ did not match expected CN=`mail*.netcup.net’ in /var/www/vhosts/.netcup.net/httpdocs/**/flyspray/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php on line 103 Completely unexpected exception: Unable to connect with TLS encryption
This should never happend, please inform Flyspray Developers

2550EmailBug ReportLowException handling sending email notificationUnconfirmed
0%
06.05.201906.05.2019 Task Description

Someone reported this:

Today i tried to report an issue about xxx on the xxx (namely xxx) and the following error message has been displayed:
Completely unexpected exception: Expected response code 250 but got code “451”, with message “451 Error in writing spool file "
This should never happend, please inform Flyspray Developers
The issue itself has been created though.
2549User InterfaceBug ReportLowOauth register template always shows "Username already ...Unconfirmed
0%
06.05.201906.05.2019 Task Description

RC9 running on CentOS LAMP stack

Steps done to create the problem:
Set up google as an oauth provider.
Have a user click “Sign in with Google” in the login box.
User connects their account with Flyspray.
Google redirects the user back to Flyspray
The return screen (on flyspray) asks for a username.

Expected behavior:
No warning about duplicate username should be shown on initial page load since no username was entered yet

Experienced behavior:
A warning about the username being already taken is shown.

It appears there is no logic for showing or hiding that warning in register.oauth.tpl

(It would be great if flyspray was able to just use the email as a username to make the UX even better/simpler.)

2544EmailBug ReportLowError when registering new accountUnconfirmed
0%
123.03.201923.03.2019 Task Description

I installed the developer edition.

mysql Ver 14.14 Distrib 5.7.25, for Linux
PHP 7.2.15-0ubuntu0.18.04.1
Ubuntu 18.04.2

Admin settings → Allow users to register and send conf. email.

I DID set up email settings thru google and sent a test email. it did work.

After logging out, I tried to register a new account. I filled in details and got the following error:
Completely unexpected exception: Expected response code 250 but got code “530”, with message “530 5.7.0 Must issue a STARTTLS command first. u13sm3937813iog.80 - gsmtp "
This should never happend, please inform Flyspray Developers

Obviously, the confirmation email was never sent.

I am going to try to manually add a new user. Will update with outcome.

2528User InterfaceBug ReportLowNew user registration doesn't check for duplicate usern...Confirmed
50%
505.01.201907.01.2019 Task Description

Steps done to create the problem:
Visit https://bugs.flyspray.org/index.php?do=register in a private browser window (so you are logged out)

Put in an already taken username (e.g. Stefan or Stefan2)

Expected behavior:
Username gets red and a note appears that username already is taken

Experienced behavior:
Username gets green and registration of a new user proceeds with sending a notification mail with confirmation code.
After putting in the confirmation code in provided page, user gets presented a “username is already taken, choose another” (where?) message, and has to re-start registration process from beginning and hopefully this time choose a not taken name.

2527Backend/CoreBug ReportLowDatabase Check »Your mysql supports full utf-8 since 5....Unconfirmed
0%
105.01.201905.01.2019 Task Description

Steps done to create the problem:
Access /index.php?do=admin&area=checks with a MySQL Version >= 5.5.3

Expected behavior:
Flyspray tests for character set and displays »Your mysql supports full utf-8 since 5.5.3. You are using x.x.x and flyspray tables could be upgraded.« when database schema or one table isn’t set to utf8mb4 character set.

Experienced behavior:
Flyspray always shows this note, even though character set is correct.

As far as I can tell from the source, a query gets executed to the database (and if I do that manually the result is “utf8mb4, utf8mb4_unicode_ci” for my database), but the result doesn’t get checket, the note is always shown (line 123)

2499User InterfaceBug ReportHighChange recaptcha from using file_get_contents to CurlUnconfirmed
0%
118.09.201802.11.2018 Task Description

The issue with many servers now and the reason that recaptcha does not work is because it requires servers to enable allow_url_fopen which is a huge security risk. That is why you get the warning message when you try to run recaptcha that file_get_contents failed to connect.

So the solution is to use Curl to do that job.

Here is the fixed file, excuse my mess i had not cleaned up my code yet... but recaptcha now works.

this file goes in the includes dir... you can clean up the file if you like again sorry about that.

2496EmailBug ReportLowNotification Mail - Link to the task invalid when quick...Waiting on Customer
0%
213.09.201814.09.2018 Task Description

Hello,

I’m having an issue on the notification’s mail sent to people when quick-editing a task, more precisely on the link to the task below.

I had this in my older mails :
mybugtracker.com/js/callbacks/index.php?do=details&task_id=xxxx

I “corrected” it by adding a str_replace here (see my screenshot), and now it’s good.

Thank you

2491Backend/CoreBug ReportLowgroup member links if project manager but not adminNew
0%
1.001.09.201801.09.2018 Task Description

When a user has project manager permissions, but not admin permissions, then on the ‘edit group’ pages like index.php?do=pm&area=editgroup&id=8
the links in the list of users of that group are

index.php?do=admin&area=users&user_id=12345

instead of linking to the users page

index.php?do=user&area=users&id=12345

and a redirect follows with Error #4: You don’t have administrative rights.

2490User InterfaceBug ReportMediumReset Password's Username field has maxlength of 20 - t...Confirmed
50%
1.0201.09.201810.09.2018 Task Description

I’ve set up an account with a username longer than 20 characters, but can’t reset the password because the
flyspray/index.php?do=lostpw
page username field has maxlength=”20” The maxlength for a new user registration seems to be 32 characters.

A related concern is that when setting up the default/admin user on first load of the system, I can use an email address as username (always my preference), but it’s actually not a valid username to create for others thereafter. Consider allowing ‘@’ character in usernames.

2456User InterfaceBug ReportHighMissing GUI controlsUnconfirmed
80%
509.02.201810.02.2018 Task Description

After updating from “1.0-rc6” to “1.0-rc7 dev” there is missing controls menu on writer. Look attachment.
How to solve this?

Is there any settings to enable this or I’m missing something...

2454Backend/CoreBug ReportLowPHP warning in admin edit user areaNew
0%
15.01.201815.01.2018 Task Description

Since PHP7.2 shows a warning in admin area ?do=admin&area=users&user_id=1234567890, when user_id is set, but no alternative user_name parameter.

Probably related to scripts/admin.php

$id = Flyspray::UserNameToId(Req::val('user_name'));
if (!$id) {
  $id = Req::val('user_id');
}
2453Backend/CoreBug ReportMediumvalidate category before storing a new taskNew
0%
1.014.12.201714.12.2017 Task Description

Currently the category_id is not checked if the value is legal for the project when a new task is created.

  • must be unsigned int
  • must be an active category_id of the project or global category.
  • setting a category_id must be allowed - see project settings.

If invalid category_id is sent, deny creating task and show error message and show filled form again.

If no category_id is sent (or empty string) and category select is enabled:

  • either choose a default category

or

  • implement feature request FS#2451 and show that user should select a category.
2449Backend/CoreBug ReportLowUnexepted exception on smtp gmail sendUnconfirmed
10%
729.10.201710.01.2018 Task Description

On creating task we got error on event which must send e-mail via “google mail”.

I hoped that in rc6 this will be solved but not. This error was the same on rc4.

2448Backend/CoreBug ReportLowerror message in eventlog reportsUnconfirmed
0%
226.10.201729.10.2017 Task Description

The last version of Flyspray is simply amazing! it works like a charm :)

This is a small bug report in the eventlog page, that shows this message:

Notice: unserialize(): Error at offset 237 of 808 bytes in /home/elivebugs/bugs.elivecd.org/themes/CleanFS/templates/reports.tpl on line 88 Notice: unserialize(): Error at offset 229 of 796 bytes in /home/elivebugs/bugs.elivecd.org/themes/CleanFS/templates/reports.tpl on line 88

There’s a small screenshot: http://main.elivecd.org/ss/display.php?image=e-59f2541a445543.02125094.jpg

Thank you!
Thanatermesis

2441Backend/CoreBug ReportMediumrefactor dokuwiki image tagsNew
0%
15.09.201715.09.2017 Task Description
I’ve tried inserting an image in the intro message but it doesn’t show. Is there something broken in the formattext.inc file? Seems unlikley because it’s so old but can’t work out why nothing shows.
Alan

I had to disable some parts last year within dokuwiki quickly due sever reported security issues in that area.

As tradeoff embedding images currently don’t work within dokuwiki textareas in Flyspray.

As I too wish that feature reappear working for my projects, this is on my personal list. But requires focused free time because must be made secure.

Maybe instead of using fetch.php of dokuwiki, we can use Flypsray’s ?getfile=id , which also checks permissions.
But must check also securly file types and maybe resize images to fit into the desired page (thumbnails).

2436Backend/CoreBug ReportLowdokuwiki renderer creates nonunique html-id for h1,h2,h...New
0%
202.08.201702.08.2017 Task Description

The dokuwiki renderer automatic creates for each h(1-6) tag an html id attribute, but doesn’t ensure that this:

  • is not used by Flyspray templates
  • is unique across all tasks (tasklist summary/description mouseover!), id must be unique on a webpage.

Example: id=”footer” and id=”title” are used by the default CleanFS template for example.

id=”footer”

title

id=”title”

title

id=”title1”

title

id=”title2”

The original intention I think is to make dokuwiki content each h-section linkable, for instance by a “table of contents” at top of a wiki content page.
This is currently not used by the dokuwiki integrated in Flyspray, but could be in future.

Possible solution

Add the task_id to the generated id h(1-6) tags, for instance “d1234_footer” “d1234_title”

d - like description

(t1234 used for tags/labels id currently)

2345Text RenderingBug ReportLow<hr> should be in allowed tagsUnconfirmed
0%
220.02.201723.02.2017 Task Description

Because the hr tag is allowed in the new html comment editor it should be also allowed to display it in the ticket description.
class.tpl.php:875 –> just add it here

2344NotificationsBug ReportLowAdmins still get noticed for new users even with the op...Unconfirmed
50%
616.02.201724.03.2017 Task Description

/index.php?do=admin&area=prefs

There’s a checkbox on this menu to toggle whether admins get notices for new user registrations or not. Ours is off, but I’m still getting those notices.

2343EmailBug ReportMediumNotification mailUnconfirmed
0%
214.02.201715.02.2017 Task Description

Good Morning,

I have this message error when I want configure SMTP Server :
Completely unexpected exception: Connection could not be established with host 192.168.0.10 [Permission denied #13]
This should never happend, please inform Flyspray Developers

My flyspray installs on CentOS v7. Postfix installs on the server but I don’t configure anymore.

Can you help me please

Julia LECLERC

2338Backend/CoreBug ReportMediumExport tasks to csv has issuesUnconfirmed
50%
202.02.201712.03.2019 Task Description

You cannot select the fields for export to csv. This means that the commentfield (edit: you mean task description, right?) is always exported too. As this commentfield task description (?) could contain quotes, comma’s etc (like people inserting copies of emails on an issue) it corrupts the output file and the file cannot be read by excel.

2336Backend/CoreBug ReportHighCaptcha validation always fail on registrationUnconfirmed
0%
1301.02.201721.07.2018 Task Description

Correct or wrong code return false!

The results of Securimage Test Script on my server

This script will test your PHP installation to see if Securimage will run on your server.

Session Functionality: Yes!
GD Support: Yes!
GD Version: bundled (2.1.0 compatible)
imageftbbox function: Yes!
TTF Support (FreeType): Yes!
JPEG Support: Yes!
PNG Support: Yes!
GIF Read Support: Yes!
GIF Create Support: Yes!
SQLite Support: Yes!
SQLite is available. If you choose to use it, Securimage can support users who do not accept cookies.
MySQL Support: Yes!
MySQL is available. If you choose to use it, Securimage can support users who do not accept cookies by storing codes in MySQL.
PostgreSQL Support: No
No PostgreSQL support.
LAME MP3 Support: No
LAME was not found, audio will work in WAV format, but not MP3. See Securimage HTML5 audio documentation for info.
Your server meets the requirements for using Securimage!

on modify.inc.php line:754 got

if( !Post::isAlnum('captcha_code') || !$image->check(Post::val('captcha_code'))) {
if( true == false || false == false ) {
2332Backend/CoreBug ReportMediumCSV export filename filteringNew
0%
224.01.201724.01.2017
2330Backend/CoreBug ReportLowPHP Notice: Undefined offset: 0 in scripts/index.php o...Unconfirmed
50%
423.01.201730.01.2017
2319Installer and UpgraderBug ReportHighUpdate failed with "invalid byte sequence for encoding ...Unconfirmed
0%
223.11.201609.12.2016
2318Installer and UpgraderBug ReportLowsyntax_plugin required when selected ckeditor in SetupRequires testing
50%
323.11.201607.12.2016
2317User InterfaceBug ReportMediumDate format wrongConfirmed
20%
1.1 devel122.11.201622.11.2016
2316Backend/CoreBug ReportLow"wrongtoken" is displayed if the comment box is left si...Assigned
0%
peterdd7122.11.201629.07.2019
2315Backend/CoreBug ReportLowFiling a new task is possible with no details in the ma...Unconfirmed
0%
21.11.201621.11.2016
2309User InterfaceBug ReportLowPHP noticed displayed on default "All Projects" page.Unconfirmed
0%
302.11.201626.11.2016
2304Database QueriesBug ReportMediumGreek letters crash tagsConfirmed
0%
126.10.201626.10.2016
2225GreekBug ReportVery LowGreek uses slash for datesConfirmed
20%
324.10.201622.11.2016
2224GreekBug ReportVery LowSemicolon is a bad separatorUnconfirmed
0%
1124.10.201625.10.2016
2223GreekBug ReportVery LowSome strings need splitting or replacementUnconfirmed
0%
2124.10.201625.10.2016
2215Text RenderingBug ReportLowwrong output of Geshi syntax highlighting for xml codeNew
0%
117.10.201631.12.2017
2207Backend/CoreBug ReportHighNonpublic project titles and project description exposi...Confirmed
0%
1.0123.09.201629.09.2016
2202Installer and UpgraderBug ReportHighUnable to upgradeUnconfirmed
0%
310.09.201611.10.2016
2201APIBug ReportHighI got Fatal Error on the Github OAuthUnconfirmed
0%
1.0107.09.201609.09.2016
2200User InterfaceBug ReportMediumIncomplete list of timezones available in the user pref...Unconfirmed
0%
26.08.201626.08.2016
2198User InterfaceBug ReportLowMulti-Select from tasklist offers options to those who ...Unconfirmed
0%
1122.08.201622.08.2016
2197Backend/CoreBug ReportHighChange Time for everyoneUnconfirmed
0%
121.08.201622.08.2016
2188Backend/CoreBug ReportVery LowIt should not possible to relate a task to itselfNew
0%
01.08.201601.08.2016
2160Backend/CoreBug ReportLowCannot "accept" PM close request if already closedUnconfirmed
0%
14.07.201614.07.2016
2142Backend/CoreBug ReportLowPost-authenticate redirect does not make use of baseurl...Unconfirmed
0%
28.06.201601.08.2016
2137Backend/CoreBug ReportLowfeature accesskey bad implemented by web browsersNew
0%
15.06.201615.06.2016
2136User InterfaceBug ReportMediumAfter updating user properties as admin - return to wro...Confirmed
0%
308.06.201623.07.2016
2135Backend/CoreBug ReportHigh"Modify own tasks" does not function correctly when add...Confirmed
50%
1.013107.06.201622.08.2016
Showing tasks 1 - 50 of 301 Page 1 of 71 - 2 - 3 - 4 - 5 - Last >>

Available keyboard shortcuts

Tasklist

Task Details

Task Editing